public marks

PUBLIC MARKS with tags server & file

October 2008

Howto: ISP-style Email Server with Debian-Etch and Postfix 2.3

by camel (via)
The configuration described here is not very complicated but still needs to be done carefully. You are expected to have at least basic knowledge of: * MySQL (creating a database, granting access to users, basic SQL queries) * SMTP (what it is and what a basic SMTP dialog looks like) * POP3, IMAP (what they do and what the differences are) * basic Postfix configuration (understand the default settings in your main.cf, have read through the basic configuration document and know that your mail log file is at /var/log/mail.log) * Debian/Linux (general system administration, using a text editor, reading log files)

Box Backup - Trac

by camel
Box Backup is an open source, completely automatic, on-line backup system. It has the following key features: * All backed up data is stored on the server in files on a filesystem - no tape, archive or other special devices are required. * The server is trusted only to make files available when they are required - all data is encrypted and can be decoded only by the original client. This makes it ideal for backing up over an untrusted network (such as the Internet), or where the server is in an uncontrolled environment. * A backup daemon runs on systems to be backed up, and copies encrypted data to the server when it notices changes - so backups are continuous and up-to-date (although traditional snapshot backups are possible too). * Only changes within files are sent to the server, just like rsync, minimising the bandwidth used between clients and server. This makes it particularly suitable for backing up between distant locations, or over the Internet. * It behaves like tape - old file versions and deleted files are available. * Old versions of files on the server are stored as changes from the current version, minimising the storage space required on the server. Files are the server are also compressed to minimise their size. * Choice of backup behaviour - it can be optimised for document or server backup. * It is designed to be easy and cheap to run a server. It has a portable implementation, and optional RAID implemented in userland for reliability without complex server setup or expensive hardware.

August 2008

Throttling qmail SMTP receive bandwidth | www.enchantedage.com

by camel
I wrote the program "throttle.c," which you can insert into the tcpserver chain of commands for a qmail smtpd server. It takes one argument: the number of kilobytes per second to let through on the incoming file descriptor. Throttle does not throttle the outgoing file descriptor, because that's usually just status from your mail server. Additionally, throttle will set an alarm, so that any session longer than 15 minutes will expire and disconnect. This affords some amount of protection against lingering sessions that eat up your parallelism limit; I've seen such sessions from presumably trojaned DSL machines connecting to the mail server to send spam.

June 2008

flv streaming with lighttpd

by camel & 2 others (via)
1.4.11 got a new module for streaming Flash movie files called mod_flv_streaming. This module allows you to seek in FLV files using the high performance infrastructure of lighttpd. The idea is simple and explained and implemented on ‘Streaming’ flv video via PHP, take two at http://www.flashcomguru.com/ But instead of streaming the file through PHP we do it in the webserver. The module expects a request for the URL which matches flv-streaming.extensions and can handle a ’?start=’ as part of the request. The information to pass into the ‘start’ parameter is extractly by the flash-player from the meta-data of the flv-files. The meta-data can be setup with flvtool2 Now I leave it to you to combine this with mod_secdownload to create a flv-streaming server for free with deep/hot linking protected movies. server.modules = ( ..., "mod_secdownload", ## optional "mod_flv_streaming", ... ) flv-streaming.extensions = ( ".flv" ) Take the flash-player from flashcomguru and adjust the URL in the player and try yourself.

February 2008

Apsis Gmbh

by camel & 2 others
The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no warranty, it's free to use, copy and give away. WHAT POUND IS: 1. a reverse-proxy: it passes requests from client browsers to one or more back-end servers. 2. a load balancer: it will distribute the requests from the client browsers among several back-end servers, while keeping session information. 3. an SSL wrapper: Pound will decrypt HTTPS requests from client browsers and pass them as plain HTTP to the back-end servers. 4. an HTTP/HTTPS sanitizer: Pound will verify requests for correctness and accept only well-formed ones. 5. a fail over-server: should a back-end server fail, Pound will take note of the fact and stop passing requests to it until it recovers. 6. a request redirector: requests may be distributed among servers according to the requested URL. Pound is a very small program, easily audited for security problems. It can run as setuid/setgid and/or in a chroot jail. Pound does not access the hard-disk at all (except for reading the certificate file on start, if required) and should thus pose no security threat to any machine.

January 2008

Using multiple network cards in XEN 3.0

by camel
Xen is great. But installing more than one network card became a pain when I tried it the first time. There are some documents describing the principle but I was unable to find a real life example somewhere else. So this is a summary about how it works here now. Using a bridge for a Dom is generally a good idea but then all packets traversing the bridge can be intercepted by any Dom that is using the same bridge. Having a single network card in a Xen landscape also means that theoretically each Dom would be able to sniff all packets traversing this single network card including packets to and from other Doms. A solution is to have more than one network card attached to Xen using a single network card for a single dom. The scenario described here has a server with 3 network cards installed. The first card should be used to access Dom0 and some other DomNs while the second and third network card should be used to purely access Dom1 rsp. Dom2. The Dom configuration file just needs to select the appropriate bridge for each dom.

November 2007

ssh on multiple servers Using cluster ssh -- Debian Admin

by camel
Ever had to make the same change on more than one Linux/unix server? Find it annoyingly painful to keep repeating the exact same commands again and again and again? This tool addresses exactly this problem. You run a utility (cssh) providing a number of server names as parameters, and then xterms opens up to each server with an extra “console” window. Anything typed into the console is replicated into each server window (so, for examples, you can edit the same file on N machines at the same time, or run the same commands with the same parameters across those servers). It is also possible to type into the server windows directly, or temporarily disable replication to one or more of the servers through the “Hosts” menu.

February 2007

Woof - Partage simple de fichier par HTTP - Yop

by camel
Woof - Partage simple de fichier par HTTP - Yop

December 2006

November 2006

PUBLIC TAGS related to tag server

blog +   design +   diary +   html +   it +   japan +   network +   wordpress +   ブログ +   サーバ +   ネットワーク +  

Active users

camel
last mark : 16/10/2008 13:18

liquidat
last mark : 15/12/2006 22:47

kaburliic
last mark : 15/11/2006 08:28